Unable to validate incoming SAML Assertion

aloughran · April 25, 2018, 1:01pm

Problem Statement

I’m trying to setup Azure AD as an IdP in the Security section of the dashboard.

Actions

I’ve successfully send the metadata information to the IdP and have got the issuer, sso urls and certificate all setup and configured.

Issue

The last point of the SAML flow (once I’ve successfully authenticated with my idP and filled out the details with my MFA) is failing with Unable to validate incoming SAML Assertion.

Would appreciate some help, as all I get back is NONSUCCESS error. It’s Azure AD, so any tips on troubleshooting it at that end would be useful.

Andy

aloughran · April 25, 2018, 2:49pm

I resolved this - the organisation setup generated two certificates. I had to switch to the other one, and modify so that ASSERTIONS were not signed. I’d imaging other IdP would provide more explicit instructions.

arjan · January 25, 2019, 2:19pm

@aloughran i’m getting the same error, but can fix it with ur resolution. Can you share your config? or special/specific installation?
I (also) wanna add AzureAD as an IdentiryProvider.
We use to work with ADFS

Post		Replies	Views
Okta SAML issue - 400 Error - certificate issue? SAML saml	2	4281	January 27, 2024
Unable to validate incoming SAML Assertion errors with Keycloak IDP SAML	5	9285	October 27, 2020
SAML Assertion - "Invalid signature for object [id...]" SAML	2	5377	April 20, 2022
Assertion is not a valid SAML 2.0 Assertion error SAML	6	3071	February 15, 2024
Attribute with claims missing from SAML response SAML saml	2	8007	January 17, 2024

Unable to validate incoming SAML Assertion

Problem Statement

Actions

Issue

Related topics